From 8f51cda81e06f7a1651e766b1821d335ffa0d627 Mon Sep 17 00:00:00 2001
From: Avris
Date: Wed, 11 Aug 2021 12:23:29 +0200
Subject: [PATCH] [team] add "basic" permissions
---
 components/Roles.vue | 1 +
 plugins/auth.js | 2 +-
 routes/profileEditor.vue | 2 +-
 server/index.js | 2 +-
 server/routes/profile.js | 12 ++++++------
 src/helpers.js | 4 ++--
 6 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/components/Roles.vue b/components/Roles.vue
index 4716c1f9..2ca8395e 100644
--- a/components/Roles.vue
+++ b/components/Roles.vue
@@ -38,6 +38,7 @@
 allLocales,
 allAreas: [
 '*',
+ 'basic',
 'panel',
 'users',
 'sources',
diff --git a/plugins/auth.js b/plugins/auth.js
index f2c5c861..c3e5223d 100644
--- a/plugins/auth.js
+++ b/plugins/auth.js
@@ -12,7 +12,7 @@ export default ({app, store}) => {
 }
 Vue.prototype.$user = _ => store.state.user;
- Vue.prototype.$isGranted = (area) => {
+ Vue.prototype.$isGranted = (area = '') => {
 return store.state.user && store.state.user.authenticated && isGranted(store.state.user, config.locale, area);
 }
 }
diff --git a/routes/profileEditor.vue b/routes/profileEditor.vue
index cbb81586..a702125d 100644
--- a/routes/profileEditor.vue
+++ b/routes/profileEditor.vue
@@ -15,7 +15,7 @@
-
+

Admin section
diff --git a/server/index.js b/server/index.js
index 0677d682..6fe6af86 100644
--- a/server/index.js
+++ b/server/index.js
@@ -62,7 +62,7 @@ app.use(async function (req, res, next) {
 try {
 req.rawUser = authenticate(req);
 req.user = req.rawUser && req.rawUser.authenticated ? req.rawUser : null;
- req.isGranted = (area, locale = global.config.locale) => req.user && isGranted(req.user, locale, area);
+ req.isGranted = (area = '', locale = global.config.locale) => req.user && isGranted(req.user, locale, area);
 req.db = new LazyDatabase();
 res.on('finish', async () => {
 await req.db.close();
diff --git a/server/routes/profile.js b/server/routes/profile.js
index 8a795028..5aaadf2b 100644
--- a/server/routes/profile.js
+++ b/server/routes/profile.js
@@ -144,9 +144,9 @@ router.post('/profile/save', handleErrorAsync(async (req, res) => {
 flags = ${JSON.stringify(req.body.flags)},
 customFlags = ${JSON.stringify(req.body.customFlags)},
 words = ${JSON.stringify(req.body.words)},
- teamName = ${req.isGranted('users') ? req.body.teamName || null : ''},
- footerName = ${req.isGranted('users') ? req.body.footerName || null : ''},
- footerAreas = ${req.isGranted('users') ? req.body.footerAreas.join(',') || null : ''},
+ teamName = ${req.isGranted() ? req.body.teamName || null : ''},
+ footerName = ${req.isGranted() ? req.body.footerName || null : ''},
+ footerAreas = ${req.isGranted() ? req.body.footerAreas.join(',') || null : ''},
 card = NULL
 WHERE id = ${ids[0]}
 `);
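Review bot: Defaulting `area` to `''` on `req.isGranted` makes a missing argument the broadest check instead of a denial: JavaScript applies the default whenever the argument is `undefined`, so a route that passes an unset variable would be evaluated as "holds any role in this locale" under the `area === ''` clause this commit adds in src/helpers.js. The same default is added to `isGranted` in src/helpers.js and to `$isGranted` in plugins/auth.js, but this middleware is the one that guards server-side writes. I would keep `area` required and expose the any-role check under its own name, e.g. `req.isTeamMember = (locale = global.config.locale) => req.user && isGranted(req.user, locale, '');`, so the call sites in server/routes/profile.js state what they are asking for. The enclosing `app.use` handler starts and ends outside the hunk.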
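Review bot: `req.body.footerAreas.join(',')` is now evaluated for every user who holds any role in the locale, not only for holders of `users`, and it still assumes the request body carries an array: a missing or non-array `footerAreas` throws before the query runs. Checking the shape first, e.g. `Array.isArray(req.body.footerAreas) ? req.body.footerAreas.join(',') || null : null`, keeps a malformed request from turning into a server error; the same applies to the INSERT branch in the next hunk. It may also be worth filtering the submitted values against the known area list, since the stored string is taken verbatim from the client. The opening of the query template is outside this hunk, so whether it is a tagged template that binds these values as parameters cannot be confirmed from here.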
@@ -155,9 +155,9 @@ router.post('/profile/save', handleErrorAsync(async (req, res) => {
 VALUES (${ulid()}, ${req.user.id}, ${global.config.locale}, ${JSON.stringify(req.body.names)}, ${JSON.stringify(req.body.pronouns)}, ${req.body.description}, ${req.body.birthday || null}, ${JSON.stringify(req.body.links.filter(x => !!x))}, ${JSON.stringify(req.body.flags)}, ${JSON.stringify(req.body.customFlags)}, ${JSON.stringify(req.body.words)}, 1,
- ${req.isGranted('users') ? req.body.teamName || null : ''},
- ${req.isGranted('users') ? req.body.footerName || null : ''},
- ${req.isGranted('users') ? req.body.footerAreas.join(',') || null : ''}
+ ${req.isGranted() ? req.body.teamName || null : ''},
+ ${req.isGranted() ? req.body.footerName || null : ''},
+ ${req.isGranted() ? req.body.footerAreas.join(',') || null : ''}
 )`);
 }
diff --git a/src/helpers.js b/src/helpers.js
index e469c305..c365d57c 100644
--- a/src/helpers.js
+++ b/src/helpers.js
@@ -173,7 +173,7 @@ export const shuffle = a => {
 return a;
 }
-export const isGranted = (user, locale, area) => {
+export const isGranted = (user, locale, area = '') => {
 if (area === '*') {
 return user.roles.split('|').includes('*');
 }
@@ -183,7 +183,7 @@ export const isGranted = (user, locale, area) => {
 return true;
 }
 const [ permissionLocale, permissionArea ] = permission.split('-');
- if ((permissionLocale === '*' || permissionLocale === locale) && (permissionArea === '*' || permissionArea === area)) {
+ if ((permissionLocale === '*' || permissionLocale === locale) && (permissionArea === '*' || permissionArea === area || area === '')) {
 return true;
 }
 }
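Review bot: The added `area === ''` clause gives the empty string a special meaning (any permission entry for the locale passes, whatever its area) and nothing in the function says so. A comment above the condition, such as `// area === '' is the "basic" check: any role in this locale grants it`, would make the sentinel visible to the next reader; a named constant in place of the bare `''` would do the same job. A role entry without an area part (for example a bare locale, if such a value can be stored) now also satisfies this branch, because `permissionArea` is no longer consulted when `area` is empty. The statement that defines `permission` is above the hunk, so the shape of the stored role strings is inferred from the `split('-')` line only.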